What is DNS?
DNS, the Domain Name System, is a core Internet protocol that maps domain names to IP addresses.
Why do we need it? It simplifies our interaction with websites. Thanks to DNS, we do not have to memorize website IPs ("IP" stands for Internet Protocol; an IP address is a numeric address such as 184.108.40.206). We can reach a site using only its domain, a human-readable name such as example.com.
Every computer on the Internet has a numeric address, its IP, and computers talk to each other using these addresses. To open a website, your browser sends a request to the specific server on the Internet that hosts the site's content, and to find that server it needs the server's IP.
How do you find out the IP? In principle you could remember the numeric addresses of every website and type them into the address bar yourself, but people are bad at memorizing long numbers. That is where DNS helps: it connects domains to IPs. People only need to know the domain; DNS finds the IP of the corresponding server so that your device can establish a connection and download the website's content.
Does DNS store only IP addresses? No, it also stores other information about a domain, for example its mail servers. Each specific piece of information about a domain that is stored in DNS is called a DNS record.
What are DNS records?
DNS records store information about domain names and the resources associated with them. The set of records that one authority manages for a domain, including its subdomains unless they have been delegated elsewhere, is called a DNS zone. The following are some of the most common record types:
- A (Address) record: maps a domain name to an IPv4 address.
- MX (Mail Exchange) record: specifies the domain's mail servers and the priority of each server (the lowest value is tried first).
- CNAME (Canonical Name) record: makes one name an alias for another. A name that has a CNAME cannot carry any other records.
- NS (Name Server) record: specifies the authoritative DNS servers for a domain.
- SOA (Start of Authority) record: describes the zone itself: the primary name server, the administrator's contact mailbox, a serial number that tracks changes, and the timers that control how secondary servers refresh the zone and how long negative answers may be cached.
- PTR (Pointer) record: maps an IP address to a domain name and enables reverse DNS lookups.
- AAAA record: maps a domain name to an IPv6 address.
- TXT record: a versatile holder for text in DNS. TXT records are commonly used for email anti-spam policies (SPF, DKIM and DMARC are published this way), for domain ownership validation, and for any other human-readable information about a domain or hostname.
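The record rules above are easy to get wrong in a real zone, so here is an added example (not code from the original article) of a small checker that parses a zone written in the usual "name TTL IN TYPE rdata" text form and flags the most common mistakes: a CNAME sharing its name with other records, an NS or MX pointing at a CNAME, a missing or duplicated SOA, and a missing or duplicated SPF policy. The sample zone, its names and its addresses are constructed for the example.

```python
"""Added example (not from the original article): a small checker for the
record types listed above. It parses a constructed zone fragment written in
the usual "name TTL IN TYPE rdata" text form and flags mistakes operators
actually make. The zone, its names and its addresses are made up."""
from collections import defaultdict

# Constructed sample zone. It deliberately contains two errors: www has a
# CNAME next to an A record, and the MX target "mail" is itself a CNAME.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@     3600 IN SOA   ns1.example.com. hostmaster.example.com. 2024010101 7200 3600 1209600 300
@     3600 IN NS    ns1.example.com.
@     3600 IN NS    ns2.example.com.
@      300 IN A     192.0.2.10
@      300 IN AAAA  2001:db8::10
@     3600 IN MX    10 mail.example.com.
@     3600 IN TXT   "v=spf1 mx -all"
www    300 IN CNAME example.com.
www    300 IN A     192.0.2.11
mail  3600 IN CNAME example.com.
ns1   3600 IN A     192.0.2.53
ns2   3600 IN A     192.0.2.54
"""


def parse_zone(text):
    """Return (name, ttl, type, rdata) tuples with every name fully qualified.

    Only the explicit five-field form is handled; $TTL and records that
    inherit the previous owner name are out of scope for this example.
    """
    origin = "."
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        if name == "@":
            name = origin
        elif not name.endswith("."):
            name = f"{name}.{origin}"
        records.append((name, int(ttl), rtype.upper(), rdata))
    return records


def lint_zone(records):
    """Return a list of human-readable problems found in the parsed zone."""
    types_at = defaultdict(list)
    for name, _ttl, rtype, _rdata in records:
        types_at[name].append(rtype)
    problems = []

    # A CNAME must be the only record at its owner name (RFC 1034 section 3.6.2).
    for name, types in types_at.items():
        if "CNAME" in types and len(types) > 1:
            others = sorted(t for t in types if t != "CNAME")
            problems.append(f"{name}: CNAME coexists with {others}")

    # NS and MX targets must be hostnames with address records, not aliases
    # (RFC 2181 section 10.3).
    for name, _ttl, rtype, rdata in records:
        if rtype in ("NS", "MX"):
            target = rdata.split()[-1]
            if "CNAME" in types_at.get(target, []):
                problems.append(f"{name}: {rtype} target {target} is a CNAME")

    # The apex needs exactly one SOA, at least one NS and a single SPF policy.
    soa_names = [n for n, _t, r, _d in records if r == "SOA"]
    if len(soa_names) != 1:
        problems.append(f"zone has {len(soa_names)} SOA records, expected 1")
    else:
        apex = soa_names[0]
        if "NS" not in types_at[apex]:
            problems.append(f"{apex}: no NS records at the apex")
        spf = [d for n, _t, r, d in records
               if n == apex and r == "TXT" and d.strip('"').startswith("v=spf1")]
        if len(spf) != 1:
            problems.append(f"{apex}: found {len(spf)} SPF TXT records, expected 1")
    return problems


def lint_text(text):
    """Convenience wrapper: parse and lint a zone given as text."""
    return lint_zone(parse_zone(text))


if __name__ == "__main__":
    for problem in lint_text(SAMPLE_ZONE):
        print(problem)
```

Run against the sample zone it reports the two planted errors: the A record next to the CNAME at www, and the MX pointing at the alias mail. The parser is intentionally minimal (explicit TTL and class on every line); a production linter would also handle $TTL, owner-name inheritance and multi-line SOA syntax.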
Types of DNS servers
DNS uses a hierarchical system of DNS servers, and you need to know the roles in that hierarchy to understand how DNS works. There are several types of DNS servers, including the following:
- Recursive DNS servers (also called "resolvers") receive requests from clients and query other DNS servers on their behalf until the domain name is resolved (resolving is the process of finding the IP that corresponds to a domain).
- Forwarding DNS servers are configured to pass all requests on to another DNS server. They give a network a single shared cache and a single point of policy, which is why corporate networks and other environments with many DNS servers use them to resolve names faster.
- Root DNS servers answer queries about the DNS servers responsible for top-level domains (TLDs), such as .com or .org. If a user wants to open example.com, the root DNS servers tell the resolver where to find the DNS servers in charge of .com.
- TLD DNS servers answer queries about second-level domains under a specific TLD. If a user wants to open example.com, a TLD DNS server in charge of .com tells the resolver which authoritative DNS servers are in charge of example.com (it returns their NS records and, where needed, their IP addresses as glue).
- Authoritative DNS servers hold the actual DNS records for a particular zone and give the definitive answer for the names in it. The authoritative servers for example.com answer for example.com itself and for any subdomain such as www.example.com or one.example.com, unless a subdomain has been delegated to other servers.
How does DNS work?
When a user attempts to access a website via a browser, their computer sends a request to its configured DNS resolver. The resolver replies with the IP address associated with the website's domain name, and the computer then establishes a connection to the web server hosting the website using that IP address. The browser uses this connection to download the content and display the page. The same connection can also carry data to the server, such as a submitted form or a request for protected content that requires authentication.
The full DNS query process typically involves the following steps; after each step, the same step is shown for a user opening example.com:
1. The user's device sends a request for the IP address of a specific domain name to its local DNS resolver.
The user wants to open example.com. Their browser asks the local DNS resolver for the IP of example.com.
2. The local DNS resolver checks its cache for a recent copy of the DNS record, in case somebody has already requested this domain and the resolver has saved its IP.
The local DNS resolver checks its cache for a recent copy of the records for example.com.
3. If the local DNS resolver does not have a recent copy, it sends a request to a root DNS server.
The local DNS resolver has not found a recent copy. It sends a request to a root DNS server, asking for the DNS servers in charge of .com.
4. The root DNS server responds with the address of a top-level domain (TLD) DNS server.
The root DNS server responds with the IP of a DNS server in charge of .com.
5. The local DNS resolver sends a request to the TLD DNS server for the specific domain name.
Now that the local DNS resolver knows the IP of the DNS server in charge of .com, it sends that server a request asking for the DNS servers in charge of example.com.
6. The TLD DNS server responds with the address of the authoritative DNS server for the domain.
The DNS server in charge of .com responds with the IP of the DNS server in charge of example.com.
7. The local DNS resolver sends a request to the authoritative DNS server for the IP address associated with the domain name.
The local DNS resolver sends a request to the DNS server in charge of example.com, asking for the IP of example.com.
8. The authoritative DNS server responds with the IP address.
The DNS server in charge of example.com responds with the corresponding IP (220.127.116.11).
9. The local DNS resolver returns the IP address to the user's device.
The local DNS resolver returns 220.127.116.11 to the user's browser.
10. The user's device establishes a connection to the web server using the IP address and downloads the website's content.
The user's browser establishes a connection to 220.127.116.11 and requests the content of example.com from it. As soon as the content is downloaded, the webpage is displayed.
It should be noted that this is a simplified version of the process. In reality there are several levels of caching (the browser, the operating system and the resolver each keep one, bounded by each record's TTL), DNS queries can travel over UDP or TCP, and security measures such as DNSSEC (which lets a resolver verify that records are authentic) or DNS over HTTPS (which encrypts the hop between the client and its resolver) may be in use.
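The server roles and the ten-step walk above can be exercised offline. The following is an added example, not code from the original article: an iterative resolver that walks a constructed in-memory hierarchy (a root server, a .com server and an authoritative server for example.com), caches answers for their TTL, and applies the bailiwick check a real resolver needs, ignoring glue that the referring server is not responsible for. All servers, zones, names and addresses are made up (documentation ranges 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24); the out-of-bailiwick glue for ns.victim.test. is a constructed poisoning attempt.

```python
"""Added example, not from the article: an iterative resolver walking a
constructed hierarchy of in-memory "servers" (root -> .com -> example.com),
with a TTL-aware cache and a bailiwick check that ignores glue a referring
server has no business asserting. Every server, zone, name and address here
is made up (documentation ranges 192.0.2/24, 198.51.100/24, 203.0.113/24)."""


def is_under(name, zone):
    """True if `name` is `zone` itself or lies below it ("." is above everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)


# Constructed servers keyed by address. `auth` holds the zones a server is
# authoritative for (with their records); `delegations` are child zones it
# hands off, each with the NS names and the glue addresses it offers.
SERVERS = {
    "203.0.113.1": {            # root server
        "auth": {".": {}},
        "delegations": {"com.": (["a.gtld.test."], {"a.gtld.test.": "198.51.100.1"})},
    },
    "198.51.100.1": {           # .com TLD server
        "auth": {"com.": {}},
        "delegations": {
            "example.com.": (
                ["ns1.example.com."],
                # The second glue entry is out of bailiwick for a .com server:
                # a constructed poisoning attempt the resolver must not trust.
                {"ns1.example.com.": "192.0.2.53", "ns.victim.test.": "198.51.100.66"},
            )
        },
    },
    "192.0.2.53": {             # authoritative for example.com.
        "auth": {"example.com.": {("www.example.com.", "A"): ("192.0.2.10", 300)}},
        "delegations": {},
    },
}


def query(addr, qname, qtype):
    """One round trip to the server at `addr`. Returns (kind, payload)."""
    srv = SERVERS[addr]
    child = max((z for z in srv["delegations"] if is_under(qname, z)), key=len, default=None)
    zone = max((z for z in srv["auth"] if is_under(qname, z)), key=len, default=None)
    # A more specific delegation wins over the enclosing authoritative zone.
    if child and (zone is None or len(child) > len(zone)):
        ns_names, glue = srv["delegations"][child]
        return "referral", (child, ns_names, glue)
    if zone is not None:
        rec = srv["auth"][zone].get((qname, qtype))
        return ("answer", rec) if rec else ("nodata", None)
    return "refused", None


class Resolver:
    """Iterative resolver: starts at the root and follows referrals downward."""

    def __init__(self, root_addr, clock):
        self.root = root_addr
        self.clock = clock                 # returns seconds; injectable so TTL expiry is testable
        self.cache = {}                    # (name, type) -> (rdata, expires_at)
        self.trace = []                    # what happened during the last resolve()

    def resolve(self, qname, qtype="A"):
        self.trace = []
        hit = self.cache.get((qname, qtype))
        if hit and hit[1] > self.clock():
            self.trace.append("cache hit")
            return hit[0]
        addr, zone = self.root, "."        # `zone` is the bailiwick of the server we ask next
        for _ in range(8):                 # hop limit: never follow referrals forever
            kind, payload = query(addr, qname, qtype)
            self.trace.append(f"{addr}: {kind}")
            if kind == "answer":
                rdata, ttl = payload
                self.cache[(qname, qtype)] = (rdata, self.clock() + ttl)
                return rdata
            if kind != "referral":
                raise LookupError(f"{qname}/{qtype}: {kind} from {addr}")
            child, ns_names, glue = payload
            if child == zone or not is_under(child, zone):
                raise LookupError(f"{addr} referred sideways or upward to {child}")
            # Bailiwick check: only trust glue for names inside the referring server's zone.
            safe_glue = {n: a for n, a in glue.items() if is_under(n, zone)}
            dropped = sorted(set(glue) - set(safe_glue))
            if dropped:
                self.trace.append(f"ignored out-of-bailiwick glue {dropped}")
            usable = [n for n in ns_names if n in safe_glue]
            if not usable:
                raise LookupError(f"no usable glue for {child}; would need to resolve {ns_names}")
            addr, zone = safe_glue[usable[0]], child
        raise LookupError("too many referrals")


def demo():
    """Resolve a name three times: cold, from cache, and again after the TTL expires."""
    now = [1_000_000.0]
    resolver = Resolver("203.0.113.1", clock=lambda: now[0])
    answers, traces = [], []
    for advance in (0, 0, 301):            # the A record's TTL is 300 s
        now[0] += advance
        answers.append(resolver.resolve("www.example.com."))
        traces.append(list(resolver.trace))
    return answers, traces


if __name__ == "__main__":
    for answer, trace in zip(*demo()):
        print(answer, trace)
```

The first walk shows the three round trips of the article's steps 3 to 8 (root referral, TLD referral, authoritative answer) and logs the poisoned glue it refused; the second query is served from the cache; the third, after the TTL has passed, walks the hierarchy again. When the only usable name servers lack glue, a real resolver would resolve the NS names themselves first; the example stops there to keep the logic short.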
What is DNS hosting?
A DNS hosting service lets individuals or organizations store and manage (create, edit, update or delete) the DNS records for their domains, and answers queries for those domains from its own name servers.
Alongside a basic management interface, modern DNS hosting services offer capabilities such as query statistics, low average network latency to their DNS servers, monitoring and failover for configured records, API and DevOps tooling integrations, fast propagation of changes, low minimum TTLs, and resilience against DDoS attacks.
How do you choose a DNS hosting provider?
When choosing a DNS provider, there are several factors to consider, including the following:
- Reliability. The DNS provider should have a track record of dependability and uptime.
- Security. The DNS provider should have robust protections in place against attacks on its infrastructure, in particular large DDoS attacks.
- Latency. To ensure quick and effective domain name resolution, the DNS provider should use Anycast routing and a worldwide network of hundreds of servers.
- Automation. Modern automation tooling should be supported (e.g., OctoDNS, Terraform, Certbot).
- Features. Look for those that can advance your online services, such as instant change delivery, CDN integration, weighted load balancing, GeoDNS and automatic failover.
- Support. The DNS provider should offer responsive customer service to address any problems or questions.
- Price. The DNS provider should charge reasonable prices for the services it offers.
You can host your domains on your own infrastructure, run by your own engineering team, or you can use a DNS hosting service. Either way, the goal is to manage DNS records effectively and answer queries with the smallest possible delay.
If you choose to use a DNS hosting service, consider our DNS. It offers:
- 20 ms average latency around the world—and only 12 ms throughout Europe
- Anycast routing
- GeoDNS functionality
- DDoS protection
- DNS failover
- OctoDNS, Terraform, Certbot, and External DNS support
- Additional features (wildcard DNS support, TTLs as low as 20 seconds, advanced analytics, and others)
- Affordable billing plans, including a free plan